Phishing – obtaining financial or other confidential information from internet users, typically by sending an email that looks as if it is from a legitimate organization (often a financial organization), but contains a link to a fake website that replicates the real one.

Spoofing – is the creation of email messages with a forged sender address.  It is a tactic used in phishing and spam campaigns as recipients of emails are more likely to open an email when they think it has been sent by a legitimate source.

10 Hints to spot spoofed emails:

• The use of poor spelling and grammar
• Unexpected email attachments
• Missing or old company logos
• Sudden requests for personal information
• Sudden requests for a payment to be made
• Generic email subject or greeting
• Suspicious links in emails
• Amazing offers (to good to be true)
• Unexpected prizes
• Unexpected inheritances (often foreign)

Don’t open supplied links and never disclose personal information and PIN numbers – contact the organization to verify information through publicly available numbers or addresses – not via numbers and addresses supplied in the phishing email itself!